Configure Message Size Limits in Exchange 2010

If you’re running Exchange 2010 at your office, you may have noticed that the default incoming and outgoing message size limit  is 10,240 KB or 10 MB. These days, however, there are many attachments that far exceed this size.

If you want to increase the maximum receive size and the maximum send size for emails, it’s not as simple as you might think. But then again, when is anything easy to figure out in Exchange!

In order to change the size limits, you have to make the change in several locations within the Exchange Management Console.

hub transport exchange

First, you need to modify the global settings at this location:

Organization Configuration – Hub Transport – Global Settings – Properties of Transport Settings

Here you will be able to edit the transport send and receive limits. Once you have done that, you need to modify the send and receive connectors.

global transport settngs

You can change the Send Connector by going to the following location:

Organization Configuration – Hub Transport – Global Settings – Properties of Default Send

And you can do the same thing for the Receive Connector here:

Server Configuration – Hub Transport – Receive Connectors Pane – Properties of Default <host>

That is all there is to it! Note that the largest value you can enter into the maximum receive size and maximum send size in KB is 2097151, which is basically 2 GB! Hopefully, no one in your organization needs to attach a file that is 2 GB in size.

Finally, you need to make sure you restart your Exchange server for the new size limits to take effect. If you can’t reboot, you can try to restart the Exchange services and see if that works.

Also, you can change the max number of recipients in the Global Transport settings dialog. The range is from 0 to a whopping 2147483647.

Exchange System Manager 2003 for Windows Vista now available

At my previous job one of my resonsibilities was to maintain several Exchange 2003 installations.  One of the reasons I chose not to run Windows Vista on my laptop was because there was no Exchange System Manager (ESM) 2003 administrative tools that ran on Vista.

The Microsoft Exchange Team Blog just announced a version of ESM 2003 for Vista is now available for download.

IMPORTANT: Installing Exchange System Manager on the same computer as Microsoft Office Outlook is not supported, because MAPI CDO cannot be installed


You can install Exchange System Manager for Exchange Server 2003 on a Windows Vista-based computer using the following requirements:

• Must be run on a computer in a domain that has Microsoft Exchange Server 2003 (SP2) installed.
• Must be installed on Windows Vista or Windows Vista Service Pack 1 (SP1).
• The following must be installed by a user who has Administrative rights. Windows Server 2003 Service Pack 1 Administration Tools Pack or Windows Server 2003 R2 Administration Tools Pack (x86). We recommend installing R2.
• Windows Server 2008 is not supported.

Windows 2008/Exchange 2007 Event 4001: A transient failure has occurred. The problem may resolve itself in awhile. The service will retry in 56 seconds.

Today I was installing Exchange 2007 SP1 on an HP Proliant DL380 G5 server running Windows 2008 x64. After the installation and reboot, I kept receiving the following error in the Event log:

Event ID: 4001 Source: MSExchange System Attendant Mailbox

A transient failure has occurred. The problem may resolve itself in awhile. The service will retry in 56 seconds. Diagnostic information: Could not find any available Domain Controller.

I did exhaustive research and finally came across this thread, which suggested updating the Intel NC110T NIC drivers and disabling the checksum offload options on the server’s network card. I was already running the most recent version (9.10 dated February 25 2008) of the HP driver for the Intel NIC, but did disable all the checksum offload options.

Following a reboot all of my Event 4001 error messages disappeared. The local administrators are going to open a support case with HP to try to determine some type of resolution that does not require disabling the NIC’s checksum offload options.

Microsoft Exchange Server 2007 Shapes and Icons for Visio

I was just diagramming an Exchange 2007 deployment and came across the Microsoft Office Visio Stencil Containing Shapes for Microsoft Exchange Server 2007, a free download from Microsoft.

This stencil and template provided enable you to create Visio drawings that contain Exchange Server 2007 objects. These shapes include icons for Exchange 2007 server roles, networking, telephony and Unified Messaging objects, Active Directory and directory service objects, client computers and devices, and other Exchange organization elements. 

To use this stencil, place these 2 files (MicrosoftExchangeServer2007_Icons.vst and MicrosoftExchangeServer2007_Icons.vss) in your local C:\Documents and Settings\yourname\My Documents\My Shapes folder.

In Visio, click File, click Open, and then go to your My Shapes folder. Open the MicrosoftExchangeServer2007_Icons.vst file. The shapes will appear in the Microsoft Exchange Server 2007 stencil in the Shapes pane.

This download requires Microsoft Office Visio 2003 or later.


Howto: Enable POP3 logging in Exchange 2007

POP3 logging is not enabled by default in Exchange 2007. To enable it, edit the C:\Program Files\Microsoft\Exchange Server\ClientAccess\PopImap\Microsoft.Exchange.Pop3.exe.config file.

Under appSettings, change

<add key=”ProtocolLog” value=”false” />


<add key=”ProtocolLog” value=”true” />

and restart the Microsoft Exchange POP3 service. You can restart it in services.msc or run the following command from the Exchange Management Console:

Restart-service MSExchangePOP3

Log files will be created in your C:\Program Files\Microsoft\Exchange Server\Logging\Pop3 folder.

Troubleshooting Exchange 2007 ESE Event 491

My Exchange 2007 SP1 server started reporting Event 491 in the Application Log.

Source: ESE Event ID: 491

edgetransport (3488) Transport Mail Database: An attempt to determine the minimum I/O block size for the volume “D:\” containing “D:\Program Files\Microsoft\Exchange Server\TransportRoles\data\Queue\” failed with system error 5 (0x00000005): “Access is denied. “. The operation will fail with error -1032 (0xfffffbf8).

The Microsoft Exchange Transport service was not automatically starting as well. A few posts I found mentioned excluding the Program Files\Microsoft\Exchange Server\TransportRoles\data\Queue directory from anti-virus scanning. I played around with all sorts of exceptions, but that didn’t resolve my problem. I even disabled the real-time A-V scanner and rebooted the server, but the problems persisted.

After hours of searching I came across this post, which pointed at permissions as the root of the problem. I had removed the default permissions on the Exchange installation drive, and Network Service was missing on the list of permissions. I tried to assign the fewest permissions as possible, but in the end here is what I assigned.

  • NETWORK SERVICE has all rights *except* Full Control and Modify on the TransportRoles folder, and inheritance is turned on. This full path is D:\Program Files\Microsoft\Exchange Server\TransportRoles\ on my server, yours may vary.
  • NETWORK SERVICE has Full Control on the D:\Program Files\Microsoft\Exchange Server\TransportRoles\data\ folder, and inheritance is turned on.
  • NETWORK SERVICE has Read & Execute, List Folder Contents, and Read on the D:\Program Files\Microsoft\Exchange Server\ folder.
  • NETWORK SERVICE has Read & Execute, List Folder Contents, and Read on the root installation folder, which is D:\ for me. I did everything I could to avoid this, but couldn’t make it work without assigning this permission.

After making these changes, reboot your server and you should find Event 491 gone and your Microsoft Exchange Transport service automatically starting once again.

Troubleshooting Exchange Error 4.4.7 Delivery Delay and Failures


One of our partners keeps receiving the following messages when trying to email certain domains:

This is an automatically generated Delivery Status Notification.



Delivery to the following recipients has been delayed.

Where is the address he’s trying to send the message to.

Eventually he receives the following message

Your message did not reach some or all of the intended recipients.

The following recipient(s) could not be reached: on 3/27/2008 9:11 AM

Could not deliver the message in the time limit specified. Please retry or contact your administrator.

<originating.mailserver.hostname #4.4.7>

He’s sending to addresses he’s previously sent to with no problems.

KB 284204 notes the following about the 4.4.7 error message:

Possible Cause: The message in the queue has expired. The sending server tried to relay or deliver the message, but the action was not completed before the message expiration time occurred. This NDR may also indicate that a message header limit has been reached on a remote server or that some other protocol timeout occurred during communication with the remote server.

Troubleshooting: This code typically indicates an issue on the receiving server. Verify the validity of the recipient address, and verify that the receiving server is configured to receive messages correctly. You may have to reduce the number of recipients in the header of the message for the host that you are receiving this NDR from. If you resend the message, it is placed in the queue again. If the receiving server is on line, the message is delivered.

You can see the problem is usually on the recipient’s server. Common causes are the recipients mail server is offline or otherwise unreachable, possibly due to DNS problems.

One thing you can try on the originator’s mail server is to increase the SMTP Virtual Server’s Delay Notification and Expiration Timeout settings.

To access these settings in Exchange 2003, open System Manager and navigate to Servers – Your Mail Server’s Name – Protocols – SMTP. Right click on your SMTP Virtual Server – Properties – Delivery tab.

SMTP Virtual Server Delivery Settings

I changed my Delay notification from 12 hours to 18 hours, and the Expiration timeout from 2 days to 4 days. You will need to tweak these settings to what is appropriate for your particular environment.

Another reason you may have these errors, especially with AOL email recipient may be you don’t have a DNS PTR record (Reverse DNS Record) for your mail server. AOL explains:

“AOL does require that all connecting Mail Transfer Agents have established reverse DNS, regardless of whether it matches the domain.”

This means if your mail server doesn’t have a Reverse DNS record, your messages sent to AOL will fail.

AOL has a page where you can enter your mail server’s IP address to determine if AOL can find it’s corresponding Reverse DNS record. If you’re not sure what the IP address of your mail server is, you can look it up based on your domain name.

Also note that setting up a Reverse DNS record is not the same process you would perform while creating a host name or other record. With forward (regular) DNS you setup your name servers with your domain registrar, like Network Solutions. With reverse DNS you must contact your ISP to have them create and host the record. The reason why is because the ISP is who is ultimately responsible for your IP address, and only they can verify that your mail server does indeed reside at that particular IP address.